Millions of SMEs have no cyber cover

Millions of the UK’s SMEs remain exposed to the fall out following a cyber attack, according to research published today. A third of SMEs which have been offered cyber insurance have opted to go without -- the key barrier a belief that the business is too small to be targeted. This is among the findings of joint research from CFC Underwriting and Premium Credit.

This report comes as government figures show nearly a third of small businesses have suffered cyber attacks in the past year at an average cost of £3,650.

Almost a quarter of the SMEs polled say they believe cyber insurance to be inadequate, and a fifth say they simply don't understand it. Just 10% say they cannot afford it. Almost two-thirds say they have never even been offered the cover.

The research does at least show that many small companies are taking some action to improve cyber security, with only 3% found to have done absolutely nothing.

Distribution director at CFC Underwriting, Pat Brice, said more needs to be done to articulate the value of this increasingly important cover.

"It is becoming apparent that businesses are far more likely to fall victim to cyber crime than they are to traditional crime, yet they routinely don’t have the cyber protection they need. Insurance providers and brokers need to work together to make sure they are encouraging businesses in all industries to complement good cyber security with cyber insurance in case the worst happens.”


In figures: Cyber security measures in UK SMEs (Source: CFC Underwriting and Premium Credit)

71% use antivirus software:

66% regularly back up data

57% scan for malware and change passwords

47% back up data to the cloud

46% say all laptops use encryption

43% say all devices used outside office are password/PIN protected

38% say all devices used outside office can be locked/tracked if stolen

37% use a password manager

33% patch all software/firmware using latest manufacturer software

24% say staff sending sensitive data outside office use VPNs/3G/4G

    Share Story:

Recent Stories


Your people and the pandemic: Are you doing enough?
Employee health, well-being and security have always been a vital part of risk management, and as organisations seek ways to ensure a smooth, successful and sustainable return to operations amid the evolving environment, careful consideration has to be given to all these areas, and quickly. Published August 2020

Responding to COVID-19: A safe and secure return to work
Learn more from the experts that worked on the recovery of the Diamond Princess. Published July 2020